164 matches found
CVE-2025-30814 WordPress The Post Grid plugin <= 7.7.17 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme The Post Grid the-post-grid allows PHP Local File Inclusion.This issue affects The Post Grid: from n/a through = 7.7.17...
CVE-2025-30814
CVE-2025-30814 : The Post Grid (The Post Grid) for WordPress is vulnerable to PHP Local File Inclusion via improper filename validation in include/require, leading to a Contributor+ authenticated LFI. Affected: The Post Grid
PT-2025-13089 · Radiustheme · Radiustheme The Post Grid
Name of the Vulnerable Software and Affected Versions: RadiusTheme The Post Grid versions n/a through 7.7.17 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP...
CVE-2025-24712
Cross-Site Request Forgery CSRF vulnerability in RadiusTheme Radius Blocks radius-blocks allows Cross Site Request Forgery.This issue affects Radius Blocks: from n/a through = 2.1.2...
CVE-2024-54272
CVE-2024-54272 (Radius Blocks – WordPress Gutenberg Blocks) stores input without proper neutralization, enabling Stored XSS in Radius Blocks—WordPress Gutenberg Blocks (affected: up to 2.1.2). Red Hat and Wordfence sources confirm the issue; patch status is Patch, with mitigation by updating to a...
CVE-2024-52386
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Classified Listing classified-listing allows PHP Local File Inclusion.This issue affects Classified Listing: from n/a through = 3.1.16...
CVE-2024-52386 WordPress Classified Listing plugin <= 3.1.16 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Classified Listing classified-listing allows PHP Local File Inclusion.This issue affects Classified Listing: from n/a through = 3.1.16...
CVE-2024-52386 WordPress Classified Listing plugin <= 3.1.16 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Classified Listing classified-listing allows PHP Local File Inclusion.This issue affects Classified Listing: from n/a through = 3.1.16...
CVE-2024-37483
Missing Authorization vulnerability in RadiusTheme The Post Grid the-post-grid.This issue affects The Post Grid: from n/a through = 7.7.4...
CVE-2024-37481
Missing Authorization vulnerability in RadiusTheme The Post Grid the-post-grid.This issue affects The Post Grid: from n/a through = 7.7.4...
CVE-2024-37482
Missing Authorization vulnerability in RadiusTheme The Post Grid the-post-grid.This issue affects The Post Grid: from n/a through = 7.7.4...
CVE-2024-37482
CVE-2024-37482 corresponds to a Missing Authorization (broken access control) vulnerability in The Post Grid (WordPress plugin by RadiusTheme). The Post Grid allows exploitation of misconfigured access control levels, affecting The Post Grid versions from n/a up to 7.7.4. Public disclosures and t...
CVE-2024-37482 WordPress The Post Grid plugin <= 7.7.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Post Grid Team by RadiusTheme The Post Grid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Post Grid: from n/a through 7.7.4...
CVE-2024-37483
CVE-2024-37483 describes a Missing Authorization vulnerability in the WordPress plugin The Post Grid by RadiusTheme. The issue affects The Post Grid versions up to and including 7.7.4 and involves exploitable access control misconfigurations that permit bypassing authorization checks due to Incor...
CVE-2024-37483 WordPress The Post Grid plugin <= 7.7.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in RadiusTheme The Post Grid the-post-grid.This issue affects The Post Grid: from n/a through = 7.7.4...
PT-2024-27591 · Radiustheme · Post Grid Team
Name of the Vulnerable Software and Affected Versions: Post Grid Team by RadiusTheme versions n/a through 7.7.4 Description: The issue is related to a Missing Authorization vulnerability in the Post Grid Team by RadiusTheme. It allows exploiting incorrectly configured access control security...
PT-2024-27590 · Radiustheme · Post Grid
Name of the Vulnerable Software and Affected Versions: Post Grid Team by RadiusTheme versions through 7.7.4 Description: The issue is related to a Missing Authorization vulnerability, where the Post Grid allows accessing functionality not properly constrained by ACLs. Recommendations: For version...
CVE-2024-37520
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in RadiusTheme ShopBuilder – Elementor WooCommerce Builder Addons allows Path Traversal.This issue affects ShopBuilder – Elementor WooCommerce Builder Addons: from n/a through 2.1.12...
CVE-2024-37520
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme ShopBuilder – Elementor WooCommerce Builder Addons shopbuilder.This issue affects ShopBuilder – Elementor WooCommerce Builder Addons: from n/a through = 2.1.12...
CVE-2024-37520
CVE-2024-37520 describes a path traversal (local file inclusion) vulnerability in the ShopBuilder – Elementor WooCommerce Builder Addons WordPress plugin. The flaw affects ShopBuilder versions n/a through 2.1.12 and is listed as an authenticated (Contributor+) issue with LFI via improper pathname...